Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Professional Cloud Developer Topic 1 Question 84 Discussion

Actual exam question for Google's Professional Cloud Developer exam
Question #: 84
Topic #: 1
[All Professional Cloud Developer Questions]

You have an application that uses an HTTP Cloud Function to process user activity from both desktop browser and mobile application clients. This function will serve as the endpoint for all metric submissions using HTTP POST.

Due to legacy restrictions, the function must be mapped to a domain that is separate from the domain requested by users on web or mobile sessions. The domain for the Cloud Function is https://fn.example.com. Desktop and mobile clients use the domain https://www.example.com. You need to add a header to the function's HTTP response so that only those browser and mobile sessions can submit metrics to the Cloud Function. Which response header should you add?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Filiberto at May 31, 2024, 03:32 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Developer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ronald
2 days ago
I agree with Bethanie. C is the way to go here. Gotta keep those pesky hackers out, you know?
upvoted 0 times
...
Bethanie
5 days ago
Option C is the correct answer. The Cloud Function should only allow requests from the domain that users access, which is https://www.example.com.
upvoted 0 times
...
Allene
23 days ago
I agree with Ahmad, C) Access-Control-Allow-Origin: https://fn.example.com makes sense because it restricts submissions to the Cloud Function from the specific domain
upvoted 0 times
...
Lacresha
30 days ago
I disagree, I believe the header should be A) Access-Control-Allow-Origin: *
upvoted 0 times
...
Ahmad
1 months ago
I think the correct header to add is C) Access-Control-Allow-Origin: https://fn.example.com
upvoted 0 times
...

Save Cancel
a